<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<br>
<br>
<div class="moz-cite-prefix">On Tuesday 08 November 2016 01:55 AM,
Brendan Higgins wrote:<br>
</div>
<blockquote
cite="mid:CAFd5g45JxpeYZiq3inm0JkKeyQjk7T_4uARLY=Anf9EHXymhBQ@mail.gmail.com"
type="cite">
<div dir="ltr">Sharing the provider libraries makes sense; my
first area of concern is the API; I am currently working on a
change to the API (see <a moz-do-not-send="true"
href="https://gerrit.openbmc-project.xyz/#/c/841/"
target="_blank">https://gerrit.openbmc-<wbr>project.xyz/#/c/841/</a> for
details); I would prefer you do not make any changes to the
current API, but understand if the need arises before my change
is ready.</div>
</blockquote>
From what i have noticed in the patch, there is support for
ipmid_callback_t handlers as it is now. So the change in API is to
accommodate the OEM group ?<br>
So do you have plans to change the callback signatures for the
standard commands already implemented in host-ipmid?<br>
<br>
<blockquote
cite="mid:CAFd5g45JxpeYZiq3inm0JkKeyQjk7T_4uARLY=Anf9EHXymhBQ@mail.gmail.com"
type="cite">
<div dir="ltr">
<div><br class="gmail-Apple-interchange-newline">
<span
style="color:rgb(0,0,0);font-family:sans-serif;font-size:13px">Could
you elaborate on how you plan on enforcing privilege? Having
each provider check privilege level seems like a leaky
abstraction to me; I think it would make more sense to have
privilege managed by the host-ipmid and the net-ipmid.</span><br>
</div>
</div>
</blockquote>
Table G - Command Number Assignments and Privilege Levels in the
IPMI specification gives more details on this. <br>
<br>
Each command is assigned a privilege level( Callback, User,
Operator, Admin) which means that the command can be executed only
on a session with this privilege or higher.<br>
So if a command needs be executed on net-ipmid path, one of the
attribute needed for net-ipmid is the command's privilege level.<br>
The privilege provided by each command is a registration parameter
and it is consumed only by net-ipmid.<br>
<br>
As part of the same issue, i am separating commands that need to be
executed from system interface as a separate library. <br>
<br>
The provider libraries is now copied into /usr/lib/host-ipmid. The
plan is to have the /usr/lib/ipmid-providers as the default install
location for all providers<br>
and then symlink into /usr/lib/host-ipmid and /usr/lib/net-ipmid
depending on whether the provider library is needed in out-of-band
or in-band path.<br>
<blockquote
cite="mid:CAFd5g45JxpeYZiq3inm0JkKeyQjk7T_4uARLY=Anf9EHXymhBQ@mail.gmail.com"
type="cite">
<div dir="ltr">
<div><br>
</div>
<div>As far as the actual details concerning <span
style="color:rgb(33,33,33);font-family:"helvetica
neue",helvetica,arial,sans-serif">phosphor-net-ipmid: I
do not have strong opinions on the matter as Google has no
intention of using IPMI over LAN at this time, but would
welcome discussion on the matter nonetheless.</span></div>
<div><span
style="color:rgb(33,33,33);font-family:"helvetica
neue",helvetica,arial,sans-serif"><br>
</span></div>
<div><span
style="color:rgb(33,33,33);font-family:"helvetica
neue",helvetica,arial,sans-serif">Cheers</span></div>
</div>
</blockquote>
<br>
</body>
</html>